vmware-tanzu-labs / reference-platform-for-kubernetes Goto Github PK
View Code? Open in Web Editor NEWLicense: Other
License: Other
When deploying harbor role notary server goes into ImagePullBackOff.
Warning Failed 59m (x4 over 61m) kubelet Failed to pull image "projects.registry.vmware.com/rpk/notary-server-photon:v2.0.2": rpc error: code = NotFound desc = failed to pull and unpack image "projects.registry.vmware.com/rpk/notary-server-photon:v2.0.2": failed to resolve reference "projects.registry.vmware.com/rpk/notary-server-photon:v2.0.2": projects.registry.vmware.com/rpk/notary-server-photon:v2.0.2: not found
Support integrating with an external LDAP source rather than using the local LDAP server which is provisioned by default.
We should be using TLS for communication to our services. Currently, Harbor is the only service which is using certs. Add the appropriate annotations to the ingress resources in order to request certs for each of the services and verify they all work.
We need to:
We should support active directory as an external-dns provider.
Add Velero as a backup module
There are problems with volume mounts on SELinux in which the volume mounts within the container show up with insufficient permissions errors.
We found that we can put SELinux into Permissive mode to get around that. Open to other fixes on this as well, but I think simply putting into Permissive mode or disabling is a sufficient fix at this point.
spring-cloud-gateway role fails as role is still using beta non ga code.
Currently, RPK is only supported in internet connected mode. To support offline installations:
New process is to:
When new releases are cut, they are:
Also, because we follow DCO, we need commits signing off by XYZ.
Clean.cluster make target doesn't clean all RPK created objects such as the Dex CRD's for identity role and Elasticsearch CRD's for logging
This allows the individual resources to be consumed outside of their individual manifest files.
Supported versions table in quick start guide has invalid formatting
External DNS Azure DNS template has some legacy ytt code causing issues when starting the pod.
The in the README.md file was not to disparage users based on their choice of platform management style, rather to easily identify what category they fall into and quickly be able to choose how to manage based on their needs. Bronze, Silver, and Gold gives the impression that one is better than the other, when, in reality, they are all equal and meant to be adjusted based on platform operator needs.
Move from the build/ directory within the project to an explicit ~/.rpk directory.
This should contain:
Need to test with KIND. Steps:
KIND_INVENTORY="ci/clusters/kind-cluster-unit.yaml" KIND_BASE_CONFIG="ci/clusters/kind-cluster-config-unit.yaml" KIND_CLUSTER="rpk-kind" make setup.kind && make setup.kind.networking
- setup kindROLE=ingress make deploy.test.role
- deploy ingressROLE=ingress make demo.test.role
- demo ingressROLE=ingress make clean.test.role
- clean ingress (this is where it fails)Passwords inputs are required in cleartext currently. Would like a mechanism/framework to use Ansible-Vault (or equivalent) and pull in our vars that way.
A cheap alternative to this would be to, AT MINIMUM, require base64-encoded values.
Kibana takes a long time to come up. It used to take 25 mins to come up and @landerr and myself adjusted the resources. This helped it come up faster, but it still takes 5 mins to become available. For now, we are just looping until it becomes ready. We should still do this, but we need to find out why kibana is taking so long to become ready.
To Test
Deploy:
ROLE=logging make deploy.test.role
Observe that Kibana takes a long time to come up. Need to find out why this is and address the issue if possible, or document why if not possible to fix.
Considerations:
RPK assumes that the native integration isn't used. Add this to the identity docs. We need to have a fresh (no native config) install for this to work.
It looks like xip.io has been permanently shutdown. We need to remove support or modify to another dynamic DNS provider such as nip.io.
Problem:
As we progress RPK, we have no way of working with old inventory files. When new variables get added, users are unaware of it so their automation breaks. Backwards compatibility does not exist in these scenarios.
Idea:
Have a support role that has a template in it
Use build/inventory as the variables
Create the new inventory from the template and backup the old file for the user
make update.inventory perhaps could be the target
Right now roles that create projects/registries in Harbor ignore the TLS cert, we should instead collect Harbor's CA as a fact and use that in our calls to the API.
Use pre-flight steps to automatically login users of v7wk8s so that they do not have to do it out of band.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.